A novel technique for SQL injection with PHP PDO's prepared statements(slcyber.io)
slcyber.io
A novel technique for SQL injection with PHP PDO's prepared statements
https://slcyber.io/assetnote-security-research-center/a-novel-technique-for-sql-injection-in-pdos-prepared-statements/
1 comments
Wow nice find! The fact that this isnt patched until php8.4 is creepy. Lots of apps and sites running on much older php versions.